sha256sum -c cryptopower-v1.1.4-manifest.txt
cryptopower-v1.1.4.apk: OK
sha256sum: cryptopower-darwin-amd64-v1.1.4.app.zip: No such file or directory
cryptopower-darwin-amd64-v1.1.4.app.zip: FAILED open or read
sha256sum: cryptopower-darwin-arm64-v1.1.4.app.zip: No such file or directory
cryptopower-darwin-arm64-v1.1.4.app.zip: FAILED open or read
cryptopower-linux-amd64-v1.1.4: OK
cryptopower-linux-arm64-v1.1.4: OK
cryptopower-windows-386-v1.1.4.exe: OK
cryptopower-windows-amd64-v1.1.4.exe: OK
sha256sum: WARNING: 2 listed files could not be read
Just renaming the cryptopower-darwin-* files to include the .app suffix will fix this. The hashes match otherwise.
Issue 2:
gpg signature check fails because it was created with EDDSA key 45BBDA8A927C44360B18ECC0FF54551AB3BF7E89. The expected key fingerprint is 5C26BFEC6C2466A528D5551CD05AC74F68976E52, taken from https://github.com/crypto-power/cryptopower/releases/tag/v1.0.0
Issue 3:
The cryptopower-v1.1.4-manifest.txt.asc file says Hash: SHA512 in it but the hash algo used is SHA256. This is a minor bug that doesn't prevent verification for me, but it may break verification for software/scripts that actually read this value.
There are three issues with https://github.com/crypto-power/cryptopower/releases/tag/v1.1.4
Issue 1:
Just renaming the
cryptopower-darwin-*
files to include the.app
suffix will fix this. The hashes match otherwise.Issue 2:
gpg signature check fails because it was created with EDDSA key
45BBDA8A927C44360B18ECC0FF54551AB3BF7E89
. The expected key fingerprint is5C26BFEC6C2466A528D5551CD05AC74F68976E52
, taken from https://github.com/crypto-power/cryptopower/releases/tag/v1.0.0Issue 3:
The
cryptopower-v1.1.4-manifest.txt.asc
file saysHash: SHA512
in it but the hash algo used is SHA256. This is a minor bug that doesn't prevent verification for me, but it may break verification for software/scripts that actually read this value.